What's left to do on NTS
Richard Laager
rlaager at wiktel.com
Mon Mar 4 16:39:16 UTC 2019
On 3/4/19 3:46 AM, Hal Murray via devel wrote:
> Plan A is to give all the servers the certificate and private key for
> time.nist.gov and do the load sharing via traditional DNS rotation. The
> disadvantage with that is that there are many copies of the private key out
> there. One leak and the whole system goes insecure.
>
> Plan B gives the servers individual certificates and names. Now we have to do
> the load sharing at the DNS level. I'm not a DNS wizard. NIST already uses
> CNAMEs for this. There is no POSIX API for getting the CNAME, so we would
> have to write some DNS code or find a library we like.
CNAMEs don't really help. Certificate validation uses the original name
anyway. Each server would have a separate time.nist.gov certificate and
key. This makes it easier to clean up after a partial compromise (because
you can revoke just the one certificate), but is otherwise the same as
A. And when you have a cluster of identical machines, how likely is a
partial compromise anyway?
Another option is for the names to be user-visible and require the users
to pick time-a.nist.gov vs time-b.nist.gov. This is useful, as you noted
below, if the servers are in different locations, which NIST does have.
> Plan B and C can coexist. Pick a nearby server by hand and use plan B. Or
> talk to the generic KE server and it will give you IP Address and initial
> cookies.
--
Richard
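The point that "certificate validation uses the original name anyway" is easy to check with a small model of RFC 6125 hostname matching. The block below is an added example for this archive page, not code from the thread or from NTPsec; the CNAME table and the subjectAltName lists are constructed to mirror the discussion (time.nist.gov rotating to time-a.nist.gov, per-server certificates for time-a/time-b), and `validate` stands in for a client that resolves the configured name but verifies the certificate against that configured name rather than the CNAME target.

```python
"""Why a CNAME does not help certificate validation (added example).

Assumption (per RFC 6125 / RFC 9525): a client verifies the server
certificate's dNSName subjectAltName entries against the name the user
configured, never against the CNAME target it was redirected to.
All hostnames and SAN lists here are constructed for illustration.
"""
from __future__ import annotations


def hostname_matches(san_dns: list[str], reference: str) -> bool:
    """RFC 6125-style match of a reference identifier against SAN dNSNames.

    Rules implemented: case-insensitive comparison; a wildcard is only
    honoured as the entire leftmost label; a wildcard needs at least two
    further labels (so '*.gov' never matches 'nist.gov'); a wildcard
    matches exactly one non-empty label (no '*.nist.gov' for
    'a.time.nist.gov').
    """
    ref_labels = reference.lower().rstrip(".").split(".")
    for name in san_dns:
        pat_labels = name.lower().rstrip(".").split(".")
        if len(pat_labels) != len(ref_labels):
            continue
        if pat_labels[1:] != ref_labels[1:]:
            continue
        first = pat_labels[0]
        if first == "*":
            if len(pat_labels) >= 3 and ref_labels[0]:
                return True
            continue
        if first == ref_labels[0]:
            return True
    return False


# Constructed DNS view: the rotation the thread describes, expressed as a
# CNAME from the public name to one of the per-server names.
CNAME = {"time.nist.gov": "time-a.nist.gov"}


def resolve(name: str) -> str:
    """Follow CNAMEs until an address-owning name is reached."""
    while name in CNAME:
        name = CNAME[name]
    return name


def validate(configured: str, server_cert_sans: list[str]) -> dict:
    """Model a TLS client: connect to the CNAME target, verify the cert
    against the configured name. Returns what happened for inspection."""
    target = resolve(configured)
    return {
        "configured": configured,
        "connected_to": target,
        # Verification deliberately ignores `target` (the CNAME result).
        "verified_against": configured,
        "ok": hostname_matches(server_cert_sans, configured),
    }


if __name__ == "__main__":
    # Plan B as proposed: per-server cert naming only time-a.nist.gov.
    print(validate("time.nist.gov", ["time-a.nist.gov"]))
    # The fix the reply implies: each per-server cert also names time.nist.gov.
    print(validate("time.nist.gov", ["time-a.nist.gov", "time.nist.gov"]))
    # User-visible names (time-a / time-b picked by hand) work as-is.
    print(validate("time-a.nist.gov", ["time-a.nist.gov"]))
```

The first call fails even though the connection went to time-a.nist.gov, because the client asked for time.nist.gov; the second passes only because the per-server certificate carries the public name too, which is exactly why the reply says per-server certificates end up "the same as A" apart from revocation scope.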